Security Alerting and Event Management in the Era of Machine Learning: Our Experience in the Industry

Flavio Villanustre, CISO and VP of Technology, LexisNexis® Risk Solutions

Abstract: 

Gone are the days when prevention almost guaranteed complete risk mitigation. While prevention is still paramount, early detection and containment/attack mitigation are critical to any reasonable information security program and to the long-term survivability of any organization. Moreover, systems have become increasingly complex and bad actors have developed more sophisticated attacks, introducing new challenges and rendering traditional Security Incident Event Management solutions far less effective. However, there are new techniques in the toolbox of the information security practitioner which can help overcome some of these obstacles and level the field in this asymmetric cyber-warfare. In particular, unsupervised and semi-supervised learning techniques, both from traditional machine learning and from deep learning algorithms, can be used to more effectively identify known and novel attacks and reduce the burden on rule developers. During this presentation, we will introduce the audience to our experience evolving our security incident event management to cope with the modern threat landscape.

Flavio Villanustre, CISO and VP of Technology for LexisNexis® Risk Solutions

Dr. Flavio Villanustre is CISO and VP of Technology for LexisNexis® Risk Solutions. He also leads the open source HPCC Systems® platform initiative, which is focused on expanding the community gathering around the HPCC Systems Big Data platform, originally developed by LexisNexis Risk Solutions in 2001 and later released under an open source license in 2011. Flavio’s expertise covers a broad range of subjects, including hardware and systems, software engineering, and data analytics and machine learning. He has been involved with open source software for more than two decades, founding the first Linux users’ group in Buenos Aires in 1994.

BibTeX
@conference {215333,
author = {Flavio Villanustre},
title = {Security Alerting and Event Management in the Era of Machine Learning: Our Experience in the Industry},
year = {2018},
address = {Atlanta, GA},
publisher = {{USENIX} Association},
month = may,
}